ThreatConnectRQ

RQ is the only cyber risk quantification product able to ingest data about your environment (controls and vulnerabilities) to quantify financial exposure to cyber-attacks and prioritize security investments and CVEs by financial risk.

RQ automates tedious and time-consuming risk quantification in a single platform that allows you to:

• Provide exposure to cyber attacks in financial terms.
• Prioritize mitigation efforts based on financial risk reduction
• Analyze an unlimited number of scenarios (including FAIR)

RQ uses industry data, and our own data, to pre-build loss and attack models. Loss models in RQ use a variety of techniques such as statistical modeling, regression analyses and machine learning to compute losses.

Technical models leverage the MITRE ATT&CK Framework and control frameworks like ISO 27001, NIST CSF and CIS 20 to compute attack paths. These paths are then evaluated to determine how best to mitigate attacks.

RQ lets you create an unlimited number of custom scenarios to augment your automated analysis. Scenario types in RQ include:

• FAIR scenarios
• Semi-Automated FAIR scenario’s (automated input)
• Fully automated loss computations